u/russian_osint • 3 yr. ago

Interview with smelly__vx, founder of vxunderground specially for Russian OSINT

Website: https://twitter.com/vxunderground

Founder's Twitter: https://twitter.com/smelly__vx

What is vx-underground? It is an online marketplace where you can find various collections of malware, virus samples and unique articles. Let's try to chat with the founder of vx-underground, also known as smelly__vx. Why does he collect and publish all this stuff for free? Let's find out.

Russian OSINT: How would you describe yourself in a few words? Who are you?

smelly__vx: I am smelly__vx. Creator of vx-underground. No one special.

Russian OSINT: Is there any interesting story behind this project and how it was launched?

smelly__vx: In the 1980s people used to meet on BBS in 'VXs', virus exchanges. They would share virus ideas, concepts, and samples. Many VX BBS's came and went. However, in 1999-ish Vx Heaven was established, the sort of go-to place for computer malware. It was made by a Ukrainian man under the alias herm1t. Sadly Vx Heaven shut down in 2014. We are the successor of Vx Heaven. vx-underground was made in 2019. There was a void on the internet. There was no central place for malware stuff. After I asked around I realized no one was doing it. So, I started it.

Russian OSINT: How many people are involved in the project? Do you share similar values and beliefs with other members of your community?

smelly__vx: A few people help me. We have our host, TCP.direct. We were banned from everywhere on the internet. Luckily, TCP.direct came in to offer us bulletproof hosting.

Then we have our staff: Duchy, Bane, Deadlock. These people came forward because they also love malware and believe information for it should be free.

Russian OSINT: Who is your main contributor for developing this project?
smelly__vx: That is a difficult question to answer. We aggregate malware papers from all over the internet. Our largest collection from a single person is malware analyst Hasherezade. She has 180+ papers on malware analysis.

Russian OSINT: In the description of your channel on Twitter: "website represents largest collection of malware samples, viruses and articles". So why does it make sense from a commercial point of view to keep this project alive?... I actually haven't seen many donations.

smelly__vx: We do not do this for money. We do this because we value freedom of information (in regards to malware). Universities do not teach malware development, malware papers are scattered all across the internet. Malware is seen as the boogeyman. We do not like this. We do this for a cause we believe in. If we make money from it, this is good. If we do not, that is okay too.

Russian OSINT: Is it true that earnings from donations cover all costs for hosting the website and bring in at least $1000 / month?
smelly__vx: Donations do 'sort-of' cover our costs. On occasion I have had to pay for things out of my own pocket. We do not make $1000/month lol. In 2020 we made approx. $6000.

Russian OSINT: How do you get samples which are not in public? (Vt, hybrid, triage)
smelly__vx: We have about 5 or 6 people with enterprise VT accounts. They often share samples with us. On rare occasion someone may 'leak' us a malware sample.

Russian OSINT: Do you work now for reputation in order to make vx commercial in the future, or will it always be free?
smelly__vx: We have no intention of commercializing vx-underground.

Russian OSINT: Is there any strategy you have to bring more traffic to your website?
smelly__vx: We get a lot of traffic. Despite not advertising we receive 30TB of web traffic a month. Approx. 4 million views on Twitter. 7,000 unique visitors a day to the website. vx-underground is referenced and used for material in several universities across the world. We have also seen some ransomware groups using our techniques. Haha

Russian OSINT: You have great experience in the analysis of different samples. Can you name the top 5 sophisticated malwares? Which ones have impressed you the most and why?
smelly__vx: I liked the USA's Stuxnet, it used a novel 0day, was first of its kind in the wild to target an ICS. I like the RIS's BlackEnergy virus - they took down the Ukraine power grid. This was impressive. I also liked MetaPHOR, a metamorphic mutation engine by The MentalDriller. Virlock, the polymorphic ransomware, was cool, it was the first polymorphic ransomware seen in the wild. I also enjoyed the ransomware that targeted male chastity belts haha. It ransomed people's penises.

Russian OSINT: If I am a newbie, what can I learn from your website? What can you advise in a few words to start?
smelly__vx: You can learn many things, evasion techniques, theory, etc. We have 48,000+ unique malware source codes and 400+ papers and 4,800,000 malware samples. To start though? Learn C haha or read old papers from our Vx Heaven archive.

Russian OSINT: Are there any people in your community who can help in jabber/matrix with questions/answers?
smelly__vx: No. However, I am always available to talk.

Russian OSINT: I saw an interesting article from the XSS forum on your website called E-zine. Do you know the admin of this forum? What is your opinion about XSS?
smelly__vx: We added XSS's zine, I believed it was important to save it. I do not know the admin of XSS. As far as the marketplace of XSS, I am indifferent. It is not my job to patrol XSS. I am not law enforcement. They are free to do as they like. I need to go through the forum and find articles to add to the vx-underground paper collection.

Russian OSINT: What do you think in general about Russian-speaking hackers? Are they different from others? Are they good at creating malwares and viruses?
smelly__vx: Yes, Russians are very different. Americans (North and South America) are very chatty. Russians can be very direct. They can be very business oriented. They also tend to not be friendly to me because I am American. One time I was accused of being Brian Krebs. Another time I was called NSA or FBI sponsored. Hahahahaha

Russian OSINT: Are you planning to upload lockers (ransomware samples) on your website?
smelly__vx: We have thousands of ransomware samples on the website. Example: https://vxug.fakedoma.in/samples/Block.0000.txt has 52 samples. We also have some ransomware source codes on GitHub: https://github.com/vxunderground/MalwareSourceCode/tree/main/Python

Russian OSINT: Can you name your favorite top 3 resources on the darkweb, where you get to know all the news?
smelly__vx: I do not visit 'the darkweb' very often haha. Normally people from 'the darkweb' contact me and tell me things.

Russian OSINT: On the Clearnet, what do you read on a daily basis about cybersec news?
smelly__vx: Twitter lol

Russian OSINT: What do you think about worldwide ransomware trends? Is it going to get worse?
smelly__vx: That is difficult to answer. Microsoft announced they will be introducing sandboxes to MS office. Malicious macros are a big source of ransomware attacks. This will impact business. They will need to evolve and become more sophisticated as security solutions adapt to their methods.

Russian OSINT: Whom do you read on Twitter? Who inspires you the most?
smelly__vx: I seriously watch maybe 30 people or so. Kaspersky GReAT, WeLiveSecurity, 0gtweet, jackson_t, TheXC3ll, ModExp, Jonas L, to name a few.

Russian OSINT: Is it true that sometimes competing APTs share samples with you in order to make them publicly known and sink competitors?
smelly__vx: No haha

Russian OSINT: 240,000 malware samples. I saw this post yesterday. How come you get such a large collection of samples? Tell me a secret)
smelly__vx: We aggregate them from various places. Sometimes public malware feeds, sometimes private ones. It is no secret and nothing special.

Russian OSINT: As an independent researcher, is it true or a myth that the biggest antivirus companies create their own viruses to startle companies and provide them with defensive solutions against them?
smelly__vx: Maybe initially, but now cyber crime is too big. This would not make sense.

Russian OSINT: Do you know who is responsible for the attack on CD Projekt Red?
smelly__vx: No

Russian OSINT: What are the plans for 2021?
smelly__vx: Keep adding content, maybe try to talk to the admins of XSS. I am curious what they are doing on the other side of the world.

Russian OSINT: Is there any other project you are involved in? Anything else besides VX-underground?
smelly__vx: No, I am boring haha

Russian OSINT: Why did you choose the cybersec industry?
smelly__vx: I did not choose cybersecurity.

I initially was a software engineer. I was a software engineer for many years. Only recently I transitioned into cybersecurity. I transitioned because I wanted to write malware and research new malware ideas.

Russian OSINT: What can you advise for beginners in cybersec?
smelly__vx: Just do something. Stop talking.

https://twitter.com/russian_osint

https://patreon.com/russian_osint

russian_osint@cryptolab.net
